Security systems often use physical cards or badges, made of plastic, cardboard, or similar, that are presented by users to security personnel at points of egress, such as an entrance to a building. A badge may include a picture of the badge holder, information about the holder and issuing authority (e.g., issuing agency, clearance level of holder, etc.) along with official indicia on the badge to deter counterfeiting (e.g., a raised seal, a pattern that is only visible by UV light, etc.). Security personnel would view the badge as the holder attempts to enter a restricted area and confirm that the picture matches the holder, the holder possesses appropriate clearance level to enter the restricted area, and that the badge is genuine.
Some of the drawbacks to badges include the fact that that a badge may be lost by the badge holder, a badge may be (improperly) retained by the holder even after the holder is no longer authorized to enter the restricted area (e.g., following termination), and a badge may be improperly altered. Some of these issues may be addressed by providing security personnel with a mechanism to confirm information visible on the badge. For example, security personnel may be provided with a computer terminal that is connected to a centralized database that shows (and confirms) information visible on a badge. In operation, a badge holder presents his badge to security personnel at a point of egress and waits while the guard confirms, on a computer screen, that the badge holder is authorized to enter the restricted area. While such a system may improve security over a visual-only inspection at a point of egress, it may result in additional delays while security personnel verify each person entering the restricted area on a computer screen.
An alternative is to provide electronic credentials that a user can carry on a mobile phone, a smart card, etc. The electronic credentials may be presented to reading devices that automatically provide egress (e.g., unlock a door). An advantage to electronic credentials is that they can be used without the need to have security personnel at each point of egress since the reading devices that cause the doors to open may be unattended. In addition, the electronic credentials can be invalidated remotely (e.g., via an over-the-air connection, by simply not providing a needed value to cause the credential to continue to operate, etc.). However, a significant disadvantage is the relative ease of improperly using the electronic credentials of another, which is improper and insecure.
Accordingly, it is desirable to provide a system that provides benefits of electronic credentials but reduces the possibilities of improperly using credentials of someone else.